Add community related docs

Author: alessfg

.github/ISSUE_TEMPLATE/bug_report.md

@@ -1,9 +1,9 @@
 ---
 name: Bug report
 about: Create a bug report to help us improve
-title: ''
-labels: ''
-assignees: ''
+title: ""
+labels: ""
+assignees: ""
 ---
 ### Describe the bug
 
@@ -23,9 +23,9 @@ A clear and concise description of what you expected to happen.
 
 ### Your environment
 
-- Version of Docker
-- Version of the NGINX Unprivileged Docker image
-- Target deployment environment/platform
+- Version of Docker and method of installation (e.g. Docker Desktop / Docker Server)
+- Version/tag of the NGINX Unprivileged Docker image (e.g. `nginxinc/nginx-unprivileged:alpine`)
+- Target deployment environment/platform (e.g. OpenShift / Kubernetes / Docker Compose / etc...)
 
 ### Additional context
 

.github/ISSUE_TEMPLATE/feature_request.md

@@ -1,9 +1,9 @@
 ---
 name: Feature request
 about: Suggest an idea for this project
-title: ''
-labels: ''
-assignees: ''
+title: ""
+labels: ""
+assignees: ""
 ---
 ### Is your feature request related to a problem? Please describe
 

.github/ISSUE_TEMPLATE/security_report.md

@@ -1,9 +1,9 @@
 ---
 name: Security report
 about: Create a security report to help us improve
-title: ''
-labels: ''
-assignees: ''
+title: ""
+labels: ""
+assignees: ""
 ---
 ### Describe the bug
 
@@ -24,4 +24,4 @@ Steps to reproduce the behavior:
 
 ### Additional context
 
-Does this security vulnerability relate to one of the NGINX libraries specified in the [`SECURITY`](https://github.com/nginxinc/docker-nginx-unprivileged/blob/main/.github/SECURITY.md) doc?
+Does this security vulnerability relate to one of the NGINX libraries specified in the [`SECURITY`](https://github.com/nginxinc/docker-nginx-unprivileged/blob/main/SECURITY.md) doc?

.github/SECURITY.md

@@ -4,9 +4,9 @@ Describe the use case and detail of the change. If this PR addresses an issue on
 
 ### Checklist
 
-Before creating a PR, run through this checklist and mark each as complete.
+Before creating a PR, run through this checklist and mark each as complete:
 
-- [ ] I have read the [`CONTRIBUTING`](https://github.com/nginxinc/docker-nginx-unprivileged/blob/main/CONTRIBUTING.md) document.
-- [ ] I have tested that the NGINX Unprivileged Docker images build correctly on all supported platforms (check out the [`README`](https://github.com/nginxinc/docker-nginx-unprivileged/blob/main/README.md) for more details).
-- [ ] I have deployed the NGINX Unprivileged Docker images on an unprivileged environment and checked that they run correctly.
+- [ ] I have read the [`CONTRIBUTING`](https://github.com/nginxinc/docker-nginx-unprivileged/blob/main/CONTRIBUTING.md) document
+- [ ] I have run `./update.sh` and ensured all entrypoint/Dockerfile template changes have been applied to the relevant image entrypoint scripts & Dockerfiles
+- [ ] I have tested that the NGINX Unprivileged Docker images build and run correctly on all supported architectures on an unprivileged environment (check out the [`README`](https://github.com/nginxinc/docker-nginx-unprivileged/blob/main/README.md) for more details)
 - [ ] I have updated any relevant documentation ([`README`](https://github.com/nginxinc/docker-nginx-unprivileged/blob/main/README.md))

.github/pull_request_template.md

@@ -55,7 +55,7 @@ further defined and clarified by project maintainers.
 ## Enforcement
 
 Instances of abusive, harassing, or otherwise unacceptable behavior may be
-reported by contacting the project team at nginx@nginx.org. All
+reported by contacting the project team at <nginx[email protected]>. All
 complaints will be reviewed and investigated and will result in a response that
 is deemed necessary and appropriate to the circumstances. The project team is
 obligated to maintain confidentiality with regard to the reporter of an incident.

CODE_OF_CONDUCT.md

@@ -34,7 +34,7 @@ To report a bug, open an issue on GitHub with the label `bug` using the availabl
 
 ### Report a Security vulnerability
 
-To report a secuirty vulnerability, open an issue on GitHub with the label `security` using the available security report issue template. Please ensure the security vulnerability directly impacts one of the NGINX dependencies listed in the [`SECURITY`](https://github.com/nginxinc/docker-nginx-unprivileged/blob/main/.github/SECURITY.md) doc. Other security vulnerabilities should be addressed by the weekly Monday night build and as such will be promptly closed.
+To report a security vulnerability, open an issue on GitHub with the label `security` using the available security report issue template. Please ensure the security vulnerability directly impacts one of the NGINX dependencies listed in the [`SECURITY`](https://github.com/nginxinc/docker-nginx-unprivileged/blob/main/.github/SECURITY.md) doc. Other security vulnerabilities should be addressed by the weekly Monday night build and as such will be promptly closed.
 
 ### Suggest a Feature or Enhancement
 
@@ -54,7 +54,7 @@ Note: if you'd like to implement a new feature, please consider creating a featu
 Given this repository is a mirror image of the upstream [Docker NGINX image](https://github.com/nginxinc/docker-nginx), only two types of PRs will be considered:
 
 1. PRs that incorporate changes made to upstream images (e.g. there's a new NGINX release).
-2. PRs that add a critical feature or a nice-to-have enhancement for running these images on an unprivileged environment (e.g. allowing users specify the UID/GUI of the image user).
+2. PRs that add a critical feature or a nice-to-have enhancement for running these images on an unprivileged environment (e.g. allowing users specify to the UID/GID of the image user).
 
 ### Git Guidelines
 

CONTRIBUTING.md

@@ -1,13 +1,14 @@
 [![Project Status: Active – The project has reached a stable, usable state and is being actively developed.](https://www.repostatus.org/badges/latest/active.svg)](https://www.repostatus.org/#active)
+[![Community Support](https://badgen.net/badge/support/community/cyan?icon=awesome)](https://github.com/nginxinc/docker-nginx-unprivileged/blob/main/SUPPORT.md)
 
 # NGINX Unprivileged Docker Image
 
 This repo contains a series of Dockerfiles to create an NGINX Docker image that runs NGINX as a non root, unprivileged user. Notable differences with respect to the official NGINX Docker image include:
 
-* The default NGINX listen port is now `8080` instead of `80` (this is no longer necessary as of Docker `20.03` but it's still required in other container runtimes).
-* The default NGINX user directive in `/etc/nginx/nginx.conf` has been removed.
-* The default NGINX PID has been moved from `/var/run/nginx.pid` to `/tmp/nginx.pid`.
-* Change `*_temp_path` variables to `/tmp/*`.
+* The default NGINX listen port is now `8080` instead of `80` (this is no longer necessary as of Docker `20.03` but it's still required in other container runtimes)
+* The default NGINX user directive in `/etc/nginx/nginx.conf` has been removed
+* The default NGINX PID has been moved from `/var/run/nginx.pid` to `/tmp/nginx.pid`
+* Change `*_temp_path` variables to `/tmp/*`
 
 New images are built and pushed to on a weekly basis (every Monday night).
 
@@ -25,10 +26,20 @@ You can find built images in the following registries:
 * Docker Hub - <https://hub.docker.com/r/nginxinc/nginx-unprivileged>
 * GitHub Container Registry - <https://github.com/nginxinc/docker-nginx-unprivileged/pkgs/container/nginx-unprivileged>
 
-### Platforms
+### Architectures
 
 Most images are built for the `amd64`, `arm32v5` (for Debian), `arm32v6` (for Alpine), `arm32v7`, `arm64v8`, `i386`, `mips64le` (for Debian), `ppc64le` and `s390x` architectures.
 
 ## Common Issues
 
 * If you override the default `nginx.conf` file you may receive the message `nginx: [emerg] open() "/var/run/nginx.pid" failed (13: Permission denied)`, in this case you have to add the line `pid /tmp/nginx.pid` into your config.
+
+## Contributing
+
+Please see the [contributing guide](https://github.com/nginxinc/docker-nginx-unprivileged/blob/main/CONTRIBUTING.md) for guidelines on how to best contribute to this project.
+
+## License
+
+[Apache License, Version 2.0](https://github.com/nginxinc/ansible-role-nginx/blob/main/LICENSE)
+
+&copy; [F5, Inc.](https://www.f5.com/) 2023

README.md

@@ -0,0 +1,38 @@
+# Security Policy
+
+## Latest Versions
+
+We advise users to run or update to the most recent release of the NGINX Docker Unprivileged image. Older versions of the NGINX Docker Unprivileged image may not have all enhancements and/or bug fixes applied to them.
+
+## Reporting a Vulnerability
+
+### Docker NGINX Unprivileged Image
+
+If you find a security vulnerability that directly affects a direct NGINX library dependency we encourage you open an issue detailing the security vulnerability.
+
+For reference, the direct NGINX library dependencies are:
+
+- For Debian:
+  - `libc6`
+  - `libcrypt1`
+  - `libpcre2`
+  - `libssl`
+  - `zlib1g`
+
+- For Alpine Linux:
+  - `libc`
+  - `libcrypto`
+  - `libpcre2`
+  - `libssl`
+  - `libz`
+
+***Note: Only vulnerabilities related to direct NGINX library dependencies will be considered. Other security vulnerabilities should be addressed by the weekly Monday night build and as such will be promptly closed.***
+
+### Codebase
+
+If you find a security vulnerability that affects the codebase, we encourage you to report it to the F5 Security Incident Response Team (F5 SIRT):
+
+- If you’re an F5 customer with an active support contract, please contact [F5 Technical Support](https://www.f5.com/services/support).
+- If you aren’t an F5 customer, please report any potential or current instances of security vulnerabilities with any F5 product to the F5 Security Incident Response Team at <[email protected]>.
+
+For more information visit [https://www.f5.com/services/support/report-a-vulnerability](https://www.f5.com/services/support/report-a-vulnerability).

SECURITY.md

@@ -0,0 +1,37 @@
+# Support
+
+## Ask a Question
+
+We use GitHub for tracking bugs and feature requests related to all the Docker NGINX images (including all variants and container registries).
+
+Don't know how something in this project works? Curious if this project can achieve your desired functionality? Please open an issue on GitHub with the label `question`.
+
+## NGINX Specific Questions and/or Issues
+
+This isn't the right place to get support for NGINX specific questions, but the following resources are available below. Thanks for your understanding!
+
+### Community Slack
+
+We have a community [Slack](https://nginxcommunity.slack.com/)!
+
+If you are not a member, click [here](https://community.nginx.org/joinslack) to sign up (and let us know if the link does not seem to be working!)
+
+Once you join, check out the `#beginner-questions` and `nginx-users` channels :)
+
+### Documentation
+
+For a comprehensive list of all NGINX directives, check out <https://nginx.org>.
+
+For a comprehensive list of admin and deployment guides for all NGINX products, check out <https://docs.nginx.com>.
+
+### Mailing List
+
+Want to get in touch with the NGINX development team directly? Try using the relevant mailing list found at <https://mailman.nginx.org/mailman3/lists/>!
+
+## Contributing
+
+Please see the [contributing guide](https://github.com/nginxinc/docker-nginx-unprivileged/blob/main/CONTRIBUTING.md) for guidelines on how to best contribute to this project.
+
+## Commercial Support
+
+Commercial support for this project may be available. Please get in touch with [NGINX sales](https://www.nginx.com/contact-sales/) or check your contract details for more info!